Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41C733205E5811F0B90597D1DAE4EC9C.roa
File: 41C733205E5811F0B90597D1DAE4EC9C.roa (raw, json)
Hash identifier: OvUz4tUlEDHkH/DOrx/5UpvHQ3XZFSvY2+7jYCSmhWY=
Subject key identifier: AF:2D:B6:A4:10:7B:61:F6:F5:7A:9F:B3:65:E9:A3:17:6F:35:C2:53
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0164AF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41C733205E5811F0B90597D1DAE4EC9C.roa
Signing time: Fri 11 Jul 2025 13:09:21 +0000
ROA not before: Fri 11 Jul 2025 13:09:16 +0000
ROA not after: Sat 16 Aug 2025 13:09:16 +0000
asID: 395793
IP address blocks: 45.196.194.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91311 (0x164af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 11 13:09:16 2025 GMT
Not After : Aug 16 13:09:16 2025 GMT
Subject: CN=68710d00-54b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:02:22:a1:ed:19:22:0b:be:4a:31:f4:7e:3d:
52:fa:da:fd:1d:7d:16:d7:9e:52:2e:43:37:e3:2e:
76:c2:5c:69:c8:79:f4:68:a9:bd:f4:76:8f:95:4e:
84:11:5c:2d:03:82:61:8a:9b:91:fa:f2:7a:90:92:
a5:0a:e1:c7:f4:42:a7:04:81:08:3b:0c:82:f9:e8:
85:ae:33:9d:6b:09:db:60:b3:e8:58:88:b7:c1:3c:
f3:50:b8:2e:69:9d:94:01:ee:7f:83:4f:86:9f:b1:
40:4c:df:ba:ee:24:61:c7:17:59:23:01:35:1a:25:
bd:6a:b8:f4:8a:9c:57:b8:60:ea:e0:0d:72:36:d7:
f5:c4:b5:d1:e4:f9:05:1a:b1:ab:9f:b8:bd:28:14:
cd:0b:64:11:a5:90:86:83:74:21:24:dd:ee:94:ac:
76:5e:65:6e:02:68:ff:14:e2:e4:7a:a8:ac:60:0c:
e7:90:19:dd:5f:5a:62:7b:fb:83:98:d2:6a:91:d7:
54:98:a0:ce:9e:d6:a9:96:95:9b:93:31:20:44:f5:
b4:9e:9f:4c:e5:91:8f:22:48:29:04:52:ba:59:44:
48:6a:04:54:8d:fb:d5:46:30:e7:f7:61:8f:a7:fd:
e0:e1:5a:63:56:b7:03:58:3f:2b:5c:3d:4d:1f:a0:
6a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:2D:B6:A4:10:7B:61:F6:F5:7A:9F:B3:65:E9:A3:17:6F:35:C2:53
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/41C733205E5811F0B90597D1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.196.194.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:2f:6c:55:1d:8d:ab:06:69:8b:b1:27:b7:4b:83:75:a8:57:
bf:88:f5:3e:7d:5c:a9:a4:34:c9:15:ea:cd:11:28:82:9e:3f:
6a:cc:6b:8d:df:cc:cb:c2:c7:af:3a:ce:e8:d9:31:73:29:aa:
e0:36:41:d6:b9:33:17:2b:5a:93:77:57:ed:1d:a8:76:0d:7c:
8a:36:38:4b:6d:c0:a6:17:37:f5:5f:12:34:fe:5e:dc:20:7d:
4a:56:21:af:50:bc:ba:18:68:53:59:3d:10:9d:2c:28:2b:72:
58:6d:8e:3b:7f:df:8a:c2:3c:c1:19:1f:48:f5:2d:1e:a6:be:
f7:bb:be:93:61:c4:59:e7:cc:95:b6:56:9c:7b:7d:98:ea:d0:
7a:51:fb:c1:eb:e0:a4:33:b7:d4:7a:74:ea:18:0f:f4:82:9d:
a4:0d:65:4d:f3:bf:5f:7f:b4:1f:c9:20:ed:ef:7e:fd:9c:cf:
19:a7:ff:5c:07:89:0d:4e:cb:34:73:61:82:f2:49:2b:a1:42:
3f:55:7c:9b:54:a1:8a:af:a5:35:e0:bc:57:37:15:33:10:80:
b2:f7:2a:00:fd:a4:c7:31:c0:0a:20:7a:55:f3:ac:86:43:ba:
3c:a8:31:c5:a9:2a:54:62:ae:3c:9f:ff:5a:48:b0:28:e3:6c:
0d:64:8f:81
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWSvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzExMTMwOTE2WhcNMjUwODE2MTMwOTE2WjAYMRYw
FAYDVQQDEw02ODcxMGQwMC01NGI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2QIioe0ZIgu+SjH0fj1S+tr9HX0W155SLkM34y52wlxpyHn0aKm99HaP
lU6EEVwtA4JhipuR+vJ6kJKlCuHH9EKnBIEIOwyC+eiFrjOdawnbYLPoWIi3wTzz
ULguaZ2UAe5/g0+Gn7FATN+67iRhxxdZIwE1GiW9arj0ipxXuGDq4A1yNtf1xLXR
5PkFGrGrn7i9KBTNC2QRpZCGg3QhJN3ulKx2XmVuAmj/FOLkeqisYAznkBndX1pi
e/uDmNJqkddUmKDOntaplpWbkzEgRPW0np9M5ZGPIkgpBFK6WURIagRUjfvVRjDn
92GPp/3g4VpjVrcDWD8rXD1NH6BqjwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK8t
tqQQe2H29Xqfs2XpoxdvNcJTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MUM3MzMyMDVFNTgxMUYwQjkwNTk3RDFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcTCMA0GCSqGSIb3DQEBCwUA
A4IBAQA8L2xVHY2rBmmLsSe3S4N1qFe/iPU+fVyppDTJFerNESiCnj9qzGuN38zL
wsevOs7o2TFzKargNkHWuTMXK1qTd1ftHah2DXyKNjhLbcCmFzf1XxI0/l7cIH1K
ViGvULy6GGhTWT0QnSwoK3JYbY47f9+KwjzBGR9I9S0epr73u76TYcRZ58yVtlac
e32Y6tB6UfvB6+CkM7fUenTqGA/0gp2kDWVN879ff7QfySDt7379nM8Zp/9cB4kN
Tss0c2GC8kkroUI/VXybVKGKr6U14LxXNxUzEICy9yoA/aTHMcAKIHpV86yGQ7o8
qDHFqSpUYq48n/9aSLAo42wNZI+B
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:26:39 2025 by rpki-client